[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <44C4FC76.7090004@utdallas.edu>
Date: Mon, 24 Jul 2006 11:59:34 -0500
From: Paul Schmehl <pauls@...allas.edu>
To: Alice Bryson <abryson@...efocus.com>
Cc: Full Disclosure <full-disclosure@...ts.grok.org.uk>
Subject: Re: Please help to spam abryson@...efocus.com.
Alice Bryson wrote:
> 2006/7/24, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu>:
>> On Mon, 24 Jul 2006 15:58:13 +0800, Alice Bryson said:
>> > I am collecting spam for research using the mailbox
>> > abryson@...efocus.com.
>>
>> Step one: Convince us you're really Alice Bryson and this isn't an
>> attempt to beseige Alice with spam....
>>
>>
> Yes, i am Alice, to prove that you can send an email with a long
> number to abryson@...efocus.com, and i will reply you that number, ok?
>
What does that prove?
telnet mail.40networks.com 25
Trying 64.114.199.200...
Connected to mail.40networks.com.
Escape character is '^]'.
220 40networks.com ESMTP Sendmail 8.13.1/8.13.1; Mon, 24 Jul 2006
09:45:17 -0700
EHLO utdallas.edu
250-40networks.com Hello utd59514.utdallas.edu [129.110.3.28], pleased
to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ETRN
250-AUTH GSSAPI DIGEST-MD5 CRAM-MD5
250-DELIVERBY
250 HELP
MAIL FROM: testing@...allas.edu
250 2.1.0 testing@...allas.edu... Sender ok
RCPT TO: abryson@...efocus.com
250 2.1.5 abryson@...efocus.com... Recipient ok
QUIT
221 2.0.0 40networks.com closing connection
Connection closed by foreign host.
So the address is valid, but we still have no way of knowing if you are
really Alice Bryson or if you're someone joejobbing Alice Bryson. Do
you have a digital ID? If so, sign the response to this message. Then
we will know for sure that you are Alice (or that you stole her ID!)
--
Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/
Download attachment "smime.p7s" of type "application/x-pkcs7-signature" (5268 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists